17.1 Legacy Series / VPN -> VPN routing? IPSec <-> OpenVPN [solved]
« on: February 17, 2017, 05:54:11 am »
Running 17.1.1
I have:
LAN 192.168.5.0/24
Open VPN server 192.168.25.0/24 192.168.6.192/29 192.168.4.0/24
IPSec tunnel to 10.100.0.0/16
OpenVPN clients can see the LAN resources and route traffic out to the internet.
LAN clients can reach the IPSec net just fine.
I can't for the life of me figure out how to get packets from an OpenVPN client to route to/from the IPSec connection. Is this possible? If so, how?
Solved: I just figured it out. If I put the OpenVPN inside the LAN address space, e.g. 192.168.5.192/29, it works.
Solved 2: Better solution - and the fix that I should have found in the first place. In the IPSec phase 2 setting I had Local Network set to LAN Subnet. I needed to switch it to "Network" with a netmask that would encompass both my LAN and OpenVPN address spaces. In my case 192.146.4.0/23
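The phase 2 behaviour described in this post can be checked offline. The following is an added example, not part of the original post: it tests whether a packet's source and destination fall inside a phase 2 local/remote network pair and computes the smallest single network covering several local subnets. The function names are hypothetical, and the OpenVPN tunnel network is assumed to be 192.168.4.0/24, one of the values listed in the post.

```python
import ipaddress

def selector_matches(src, dst, local_net, remote_net):
    """True if src/dst fall inside the phase 2 local/remote networks."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(local_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(remote_net))

def smallest_cover(*cidrs):
    """Smallest single network that contains every given subnet."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    cover = nets[0]
    while not all(n.subnet_of(cover) for n in nets):
        cover = cover.supernet()  # widen by one prefix bit at a time
    return cover

def unused_addresses(cover, *cidrs):
    """Addresses the cover exposes beyond the subnets actually in use
    (assumes the given subnets do not overlap each other)."""
    used = sum(ipaddress.ip_network(c).num_addresses for c in cidrs)
    return ipaddress.ip_network(cover).num_addresses - used

# Constructed sample values based on the post (OpenVPN net is an assumption).
LAN = "192.168.5.0/24"
OVPN = "192.168.4.0/24"
REMOTE = "10.100.0.0/16"

if __name__ == "__main__":
    cover = smallest_cover(LAN, OVPN)
    for label, local in (("LAN subnet only", LAN), ("covering network", str(cover))):
        for src in ("192.168.5.20", "192.168.4.10"):  # LAN host, OpenVPN client
            ok = selector_matches(src, "10.100.1.1", local, REMOTE)
            print(f"{label:17} {local:16} src={src:13} tunneled={ok}")
    # Non-adjacent subnets force a much wider cover than the two networks need.
    wide = smallest_cover(LAN, "192.168.25.0/24")
    print(wide, "exposes", unused_addresses(wide, LAN, "192.168.25.0/24"),
          "addresses beyond the two subnets")
```

When the local subnets are not adjacent, the covering network includes ranges that are not in use, so check how much extra address space the remote side would be allowed to reach before widening the Local Network.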